System and method for performing exponentiation in a cryptographic system

ABSTRACT

There are disclosed systems and methods for computing an exponentiated message. In one embodiment, blinding is maintained during the application of a Chinese Remainder Theorem (CRT) algorithm and then removed subsequent to the completion of the CRT algorithm. In another embodiment, fault injection attacks, such as the gcd attack, can be inhibited by applying and retaining blinding during the application of the CRT algorithm to yield a blinded exponentiation value, and then subsequently removing the blinding in a manner that causes an error injected into the CRT computation to cascade into the exponent of the value used to unblind the blinded exponentiated value.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims priority from U.S. Provisional Application No. 61/156,251 filed on Feb. 27, 2009, and from U.S. Provisional Application No. 61/159,618 filed on Mar. 12, 2009. Both of these provisional applications are incorporated herein by reference.

TECHNICAL FIELD

The following relates generally to cryptographic systems, and methods of performing exponentiation in such systems.

BACKGROUND

A cryptographic system is a computer system that uses cryptography, typically to secure or authenticate data communication between a pair of computing devices connected to one another through a data communication link in the system. Each computing device has a cryptographic unit with the processing capacity to implement one or more cryptographic algorithms used to secure or authenticate the data communication. The cryptographic algorithms typically perform arithmetic operations on the bit strings representing parameters, messages, or data in the protocols to produce a bit string representing the output from the protocol.

Cryptographic systems may be subject to a variety of attacks by an interloper who wishes to obtain secret information. Some of these attacks are based on the physical implementation of a cryptographic system rather than a theoretical weakness in the cryptographic algorithm itself. For example, in side-channel attacks, timing information, electromagnetic emissions, power usage, or other side-channel information is used to try and determine a secret value utilized by the cryptographic unit during calculations.

Fault injection techniques may also be used by an interloper to try and determine secret information. In an attack of this nature, the interloper introduces errors into the data or arithmetic operations performed by the cryptographic unit by some means in the hope that the erroneous results might reveal secret information or cause the device to perform incorrectly or not as designed. For example, an interloper may apply attacking stimuli such as incorrect clocking, incorrect power supply, or external energy sources (e.g. pulsed lasers or electromagnetic fields), and then monitor the output of the result and/or of the side-channels in the hope of obtaining information that can be used to determine secret information.

One of the basic arithmetic operations performed in many types of cryptographic systems is a k-fold group operation referred to as exponentiation. Exponentiation is used in an RSA based cryptographic system to encrypt and decrypt messages and to sign and verify messages. The Chinese Remainder Theorem (CRT) is a basic algorithm used to perform exponentiation, and it is well known that this algorithm can be particularly vulnerable to attacks such as those described above.

In a typical RSA based cryptographic system, a correspondent A, which forms part of the cryptographic system, uses its cryptographic unit to sign messages that are verified by a correspondent B in the cryptographic system. The RSA parameters for such a scheme are represented as bit strings and typically consist of the values n=pq, d, and e, where:

p and q are secret prime numbers generated by correspondent A;

e is a positive integer chosen such that gcd(e, φ)=1, where φ=(p−1)(q−1); and

d is a number used as a private key and is selected such that ed≡1 (mod φ).

Correspondent A uses private key d for signing a message m, and (n, e) is the corresponding public information used by correspondent B to validate the signature. Correspondent A may then create a signature s by calculating s=m^(d) mod n. The recipient, correspondent B, may then verify the signature by computing s^(e) mod n and checking that this computed value corresponds to a message in the message space.

As is well known in the art, the CRT may be used by correspondent A to calculate the signature s more efficiently. In the context of an RSA system, the CRT states that given a value a₁ calculated by a mod p operation, and given a value a₂ calculated by a mod q operation, there exists a unique solution x modulo n=pq such that x≡a₁ (mod p) and x≡a₂ (mod q). A well-known method for solving x is to use Garner's algorithm, which is described in “Handbook of Applied Cryptography,” Menezes et al., CRC Press, 1997, pp. 612-613, incorporated herein by reference.

To calculate s=m^(d) mod n by employing the CRT, correspondent A first calculates signature components s_(p)=m^(d) mod p and s_(q)=m^(d) mod q, and then combines these values to yield s using Garner's algorithm. By applying Garner's algorithm, the resulting combination may be calculated in the computational unit of correspondent A according to the following formula:

s=CRT(s_(p), s_(q))=s_(q)+[((s_(p)−s_(q))(q⁻¹ mod p)) mod p]q (mod n)  (1)

Additionally, it is a well-known mathematical fact that m^(d) mod p=m_(p)^(d_(p)) mod p where m_(p)=m mod p and d_(p)=d mod (p−1), and similarly m^(d) mod q=m_(q)^(d_(q)) mod q where m_(q)=m mod q and d_(q)=d mod (q−1). Therefore, when computing RSA signatures using the CRT, correspondent A need not store private key d, but instead may store values p, q, d_(p), d_(q), and q⁻¹ mod p. In this case, when signing a message m, correspondent A uses its cryptographic unit to perform the RSA-CRT computation on the bit strings representing the message m and the RSA parameters. Specifically, the cryptographic unit first calculates message components m_(p) and m_(q); next, signature components s_(p)=m_(p)^(d_(p)) mod p and s_(q)=m_(q)^(d_(q)) mod q are calculated; and finally the CRT is used to derive signature s via Garner's algorithm (1) above.

As described in detail in U.S. Pat. No. 7,177,423 to Antipa (“Antipa”), incorporated herein by reference, when computing s_(p) or s_(q), correspondent A may be subject to a timing attack by an interloper wishing to determine the secret value p or q and therefore break the system. Therefore, when computing an exponentiation such as s_(p)=m^(d) mod p or s_(q)=m^(d) mod q, it is preferable to apply blinding, i.e., to modify the message m by a value unknown to the attacker before exponentiation and then adjust the resulting exponentiated value to retrieve the required value. A variety of blinding techniques are known in the art; however, Antipa advantageously discloses a blinding technique that avoids an inversion operation to recover the correct value after exponentiation. A summary of the blinding technique disclosed in Antipa for computing an exponentiation is as follows. Assume the cryptographic unit of correspondent A is computing the value s_(p)=m^(d) mod p. First, the cryptographic unit generates a blinding parameter r, which is preferably randomly generated, and then performs exponentiation to calculate r^(e) mod p, where e is the RSA parameter that comprises one component of the public key. Next, the cryptographic unit combines the message m with r^(e) mod p to yield mr^(e) mod p. A small value σ is then chosen, and an intermediate value (mr^(e))^(d−σ) mod p is calculated, where d is the private key. This intermediate value is then multiplied by a value m^(σ) to obtain a blinded value s̃_(p)=r^(1−eσ)m^(d) mod p. Finally, the value s̃_(p)=r^(1−eσ)m^(d) mod p is unblinded by multiplying the value by r^(eσ−1) to obtain s_(p)=m^(d) mod p.

Conveniently, in the above protocol, the value σ can be set to be equal to 1 in order to simplify the calculations. In this case, the blinded value is reduced to s̃_(p)=r^(1−e)m^(d) mod p, which can be unblinded by multiplying by r^(e−1) to yield s_(p)=m^(d) mod p.

Using the Antipa blinding technique, s_(p) and s_(q) may be calculated in a way that inhibits p and q from being determined from side-channel attacks, such as timing attacks.

Although blinding the calculation of s_(p) and s_(q) enhances protection against timing attacks by an interloper wishing to uncover p and q, it has been shown that a cryptographic system that uses the CRT to compute the value s efficiently is still vulnerable to fault injection attacks. For example, if an interloper can force one of the calculations s_(p) or s_(q), say s_(q), to contain an error, then the signature s will be correct modulo p, but not modulo q. In this case, it has been shown that there is a significant chance that the greatest common divisor of s^(e)−m and n is equal to secret value p, i.e. that gcd(s^(e)−m, n)=p. This may allow the interloper to determine secret information p. Such an attack is referred to as a gcd attack on an RSA-CRT implementation.

It is desired to obviate or mitigate at least one of the disadvantages described above.

BRIEF DESCRIPTION

Exemplary embodiments will now be described by way of example only with reference to the accompanying drawings, in which:

FIG. 1 is a schematic representation of a cryptographic communication system;

FIG. 2 is a schematic representation of a cryptographic unit used in the cryptographic communication system of FIG. 1;

FIG. 3 is a schematic of an embodiment of a method of exponentiating a message;

FIG. 4 is a schematic of an embodiment of a method of generating a signature using the RSA-CRT algorithm with blinding to generate a blinded signature, and then subsequently unblinding the signature;

FIG. 5 is a schematic of one embodiment of a method of unblinding a blinded signature;

FIG. 6 is a schematic of another embodiment of a method of unblinding a blinded signature; and

FIG. 7 is a schematic of an embodiment of a method of generating a blinded signature and then subsequently unblinding the blinded signature, wherein split secret values and multiplicatively randomized moduli are utilized.

DETAILED DESCRIPTION

In general, it has been recognized that blinding can be maintained during the application of the CRT algorithm and then removed subsequent to the completion of the CRT algorithm. It has been further recognized that fault injection attacks, such as the gcd attack, can be inhibited by applying and retaining blinding during the application of the CRT algorithm to yield a blinded exponentiation value, and then subsequently removing the blinding in a manner that causes an error injected into the CRT computation to cascade into the exponent of the value used to unblind the blinded exponentiated value. It has further been recognized that protection against side-channel attacks during the CRT computation may be enhanced by splitting one or more secret values used in the CRT computation into a plurality of constituent values, and/or by multiplicatively randomizing the secret moduli.

Embodiments will now be described with reference to the figures. It will be appreciated that for simplicity and clarity of illustration, where considered appropriate, reference numerals may be repeated among the figures to indicate corresponding or analogous elements. In addition, numerous specific details are set forth in order to provide a thorough understanding of the embodiments described herein. However, it will be understood by those of ordinary skill in the art that the embodiments described herein may be practiced without these specific details. In other instances, well-known methods, procedures and components have not been described in detail so as not to obscure the embodiments described herein. Also, the description is not to be considered as limiting the scope of the embodiments described herein.

It will also be appreciated that any module, component, or device exemplified herein that executes instructions may include or otherwise have access to computer readable media such as storage media, computer storage media, or data storage devices (removable and/or non-removable) such as, for example, magnetic disks, optical disks, or tape. Computer storage media may include volatile and non-volatile, removable and non-removable media implemented in any method or technology for storage of information, such as computer readable instructions, data structures, program modules, or other data. Examples of computer storage media include RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disks (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by an application, module, or both. Any such computer storage media may be part of the device or accessible or connectable thereto. Any application or module herein described may be implemented using computer readable/executable instructions that may be stored or otherwise held by such computer readable media.

Turning therefore to FIG. 1, a cryptographic communication system is generally denoted by numeral 10. The system 10 has a first correspondent 12 and a second correspondent 14, which are typically computing devices such as a client/server, a pair of computers, or a pair of mobile devices, which communicate with each other over a communication channel 16. The correspondents 12 and 14 are communicating apparatuses having sufficient computational capability to perform the operations required to implement cryptographic algorithms with a key size sufficient to withstand brute force attacks. They are configured to communicate securely over communication channel 16 through the use of cryptographic protocols. For the purpose of illustration, it will be assumed that the correspondents 12 and 14 use a protocol based on the RSA system. It will be understood, however, that the techniques described herein are applicable to other protocols in which exponentiation is utilized, for example, in other schemes based on the integer factorization problem.

Each correspondent 12 and 14 has a cryptographic unit 18 and 20 respectively to implement cryptographic algorithms and associated arithmetic operations in a secure manner. The cryptographic unit 18 of correspondent 12 is shown in greater detail in FIG. 2, it being understood that the cryptographic unit 20 of correspondent 14 will have similar functionality. Cryptographic unit 18 comprises a communication port 26 for communicating with correspondent 14 over communication channel 16, and an arithmetic processing unit 28 for performing RSA cryptographic operations. The arithmetic processing unit 28 may include hardware, computer readable software instructions, or a combination of both that is configured to perform cryptographic operations such as those described in detail below. Associated with arithmetic processing unit 28 is a random number generator 36 for generating random values for use in blinding, as will also be described in detail below. The cryptographic unit 18 further includes a memory 30 for storing the results of cryptographic operations performed by processing unit 28, as well as for storing information received via port 26. The memory 30 may be a dedicated memory or a secure partition of the memory associated with the correspondent 12. Cryptographic parameters 22 for performing RSA cryptographic operations are also stored in memory 30. The specific parameters 22 will vary depending on the protocol and/or implementation. However, for the embodiments described below, it will be assumed that cryptographic unit 18 performs exponentiation by implementing an RSA-CRT algorithm, and that to achieve this, secret values p, q, d_(p)=d mod (p−1), d_(q)=d mod (q−1), and q⁻¹ mod p are retained in memory 30. Internal buses 32 are used by cryptographic unit 18 for communicating information internally.

It will be appreciated that cryptographic unit 20 of correspondent 14, which is not shown in detail in the figures, has a similar internal structure. Cryptographic unit 20 performs RSA cryptographic operations using its arithmetic processing unit and retains public values n and e in its memory, which correspond with the parameters 22 stored by correspondent 12 in memory 30. Both cryptographic units 18 and 20 are secure to ensure that values used in the computations, as well as the partition of memory 30 used to store the system parameters, are not directly accessible either by physical inspection or by interrogation by a computing device.

During operation, correspondent 12 may wish to perform an exponentiation of a message m using the RSA-CRT algorithm. For example, the message m may be encrypted information sent from correspondent 14, and therefore correspondent 12 may wish to decrypt the message m by exponentiating the message m by his private key to obtain an exponentiated message representing the decrypted information. Alternatively, the message m may be information that the correspondent wishes to sign by exponentiating the message m by his private key to obtain an exponentiated message representing the signature s of the message m. To simplify the description of the following embodiments, it will be assumed that correspondent 12 wishes to generate a signature s for a message m and uses an RSA-CRT algorithm to perform the exponentiation. However, it will be appreciated that the embodiments described below can be generalized to any exponentiation where a secret exponent is to be used, including, for example, decrypting an encrypted message.

Turning therefore to FIG. 3, an embodiment of a method is shown for computing an exponentiation of the message m. In step 102, the correspondent 12 performs modular arithmetic operations in its processing unit 28 to generate a first message component and a second message component. The first message component is computed by operating on the message m using a mod p operation, and the second message component is computed by operating on the message m using a mod q operation. Next, in step 104, the processing unit 28 computes a first blinded exponentiated message component using the first message component, a value derived from a blinding parameter, and the private key information. The processing unit 28 also computes a second blinded exponentiated message component using the second message component, another value derived from the blinding parameter, and the private key information. It will be appreciated that the two values derived from the blinding parameter may be the same value and may be the blinding parameter itself.

Then, in step 106, the processing unit 28 combines the first blinded exponentiated message component and the second blinded exponentiated message component using a Chinese Remainder Theorem (CRT) algorithm to obtain a blinded exponentiated message. Finally, in step 108, the processing unit 28 combines the unblinding value with the blinded exponentiated message to obtain the exponentiated message.

Specific embodiments in the context of an RSA system are described below.

Turning next to FIG. 4, an embodiment of a method will now be described in which cryptographic unit 18 of correspondent 12 generates a signature s using the RSA-CRT algorithm by: (a) applying blinding to the calculation of each signature component s_(p) and s_(q) to obtain blinded signature components s̃_(p) and s̃_(q); (b) combining the blinded signature components s̃_(p) and s̃_(q) using Garner's algorithm (1) to yield a blinded signature value s̃; and (c) unblinding the blinded signature s̃ to yield signature s.

Correspondent 12 generates a message m, which it wishes to sign by creating a signature s and then subsequently sending this signature and the message m to correspondent 14. Therefore, in step 302, the correspondent 12 first instructs the cryptographic unit 18 to retrieve from memory 30 via bus 32 secret values p and q and load these values into arithmetic processing unit 28 along with message m. In step 304, processing unit 28 then performs modular arithmetic operations to generate bit strings representing message components m_(p) and m_(q) with respect to the moduli p and q so that m_(p)=m mod p and m_(q)=m mod q. The Antipa blinding scheme described earlier with parameter σ=1 is used to perform blinding. Therefore, in step 306, random number generator 36 generates random blinding parameter r. In step 308, the arithmetic unit 28 then performs modular arithmetic operations on the bit string r to obtain blinding components r_(p) and r_(q), where r_(p)=r mod p and r_(q)=r mod q. The values e, d_(p), and d_(q) are next retrieved from memory 30 via bus 32, and in step 310 the arithmetic processing unit 28 performs the arithmetic operations to calculate: 1) a blinded signature component s̃_(p) corresponding to s_(p)=m_(p)^(d_(p)) mod p; and 2) a blinded signature component s̃_(q) corresponding to s_(q)=m_(q)^(d_(q)) mod q. Using the Antipa blinding scheme, s̃_(p)=r_(p)^(1−e)m_(p)^(d_(p)) mod p and s̃_(q)=r_(q)^(1−e)m_(q)^(d_(q)) mod q are calculated in the arithmetic processing unit 28. Once the blinded signature components s̃_(p) and s̃_(q) are calculated, in step 312, processing unit 28 then combines these blinded signature components utilizing Garner's formula (1) to yield a blinded signature s̃ corresponding to the signature s:

s̃=CRT(s̃_(p), s̃_(q))=s̃_(q)+[((s̃_(p)−s̃_(q))(q⁻¹ mod p)) mod p]q (mod n).

In this way, the blinding applied in the calculation of s̃_(p) and s̃_(q) is retained during the combination of s̃_(p) and s̃_(q) in the RSA-CRT algorithm, which results in a blinded signature s̃=r^(1−e)m^(d) (mod n). The cryptographic unit 18 subsequently unblinds signature s̃ to yield s. This can be achieved, in step 314, by multiplying s̃ by r^(e−1) to yield s.

As discussed earlier, an interloper may use fault injection techniques to try and force one of the calculations, s_(p) or s_(q), to contain an error and thereby output a compromised or unexpected value s that may be used to yield secret value p or q. Although the correspondent 12 may perform an explicit validation to check whether or not the computed signature s equals its expected value, a sophisticated interloper can prevent such a step or exploit the compromised value s before correspondent 12 realizes that s has been compromised. Therefore, the embodiment described in FIG. 4 can be modified such that in step 314 the cryptographic unit 18 implements an unblinding operation that causes errors that are injected into the calculation of either s_(p) or s_(q) to be cascaded into the value used to remove the blinding, thereby providing confidence that the signature, if tampered with, will be incorrect both modulo p and modulo q, thus inhibiting the effectiveness of the gcd attack.

Turning therefore to FIG. 5, an embodiment of a method of unblinding the blinded signature s̃ generated during step 312 of the method of FIG. 4 will now be described. In step 402, cryptographic unit 18 uses the blinded signature s̃ as an input to a function ƒ(s̃) that will yield a predetermined or known value if s̃ is equal to its expected value. In this embodiment, the function is set as ƒ(s̃)=ƒ(m, e, s̃, r)=(m+e−1−(s̃r^(e−1))^(e)) mod n, which will yield known value e−1 if s̃ is equal to its expected value, since m=(s̃r^(e−1))^(e) mod n if s̃=r^(1−e)m^(d) mod n. Conveniently, in this embodiment, during the computation of ƒ(m, e, s̃, r), processing unit 28 computes the intermediate value r^(e−1) mod n using the CRT algorithm. Also, the values r_(p)^(e−1) mod p and r_(q)^(e−1) mod q calculated during the CRT algorithm have conveniently already been computed in the course of blinding in step 310 above.

Next, in step 404, the arithmetic processing unit 28 of the cryptographic unit 18 then unblinds the blinded signature s̃ by multiplying s̃ by an unblinding value r^(ƒ(m, e, s̃, r)) modulo n, where ƒ(m, e, s̃, r) is the function above, which yields e−1 if s̃ equals its expected value of s̃=r^(1−e)m^(d) mod n. To achieve this, processing unit 28 performs modular arithmetic operations to calculate s=s̃r^(ƒ(m, e, s̃, r)) mod n. In step 406, the unblinded signature s is then sent to correspondent 14 along with message m.

Advantageously, by unblinding the signature s̃ as shown in step 404 above, any error injected into the computation of s̃_(p) or s̃_(q) by an interloper will cascade into the exponent ƒ(m, e, s̃, r) of the value r^(ƒ(m, e, s̃, r)) mod n used to unblind s̃. This will cause the unblinded signature s to be incorrect both modulo p and modulo q, which inhibits the effectiveness of a gcd attack, since a gcd attack relies upon the (compromised) signature output being correct either modulo p or modulo q.

In an alternative embodiment, it is contemplated that prior to step 404, the cryptographic unit 18 compares the output of ƒ(m, e, s̃, r) to e−1. If ƒ(m, e, s̃, r)=e−1 then the signature s̃ is validated and the unblinding process continues. However, if an error is injected into the calculation of s̃ by an interloper, then ƒ(m, e, s̃, r)≠e−1, and validation therefore fails and cryptographic unit 18 notifies correspondent 12 that the signature s̃ calculated is not equal to its expected value. However, as mentioned above, it may be the case that the interloper is able to prevent such an explicit validation step. In such a case, the gcd attack on the signature is still inhibited as any error injected into the computation of s̃_(p) or s̃_(q) by an interloper will cascade into the exponent ƒ(m, e, s̃, r) of the value r^(ƒ(m, e, s̃, r)) mod n used to unblind s̃.

In a variant of the embodiment described in FIG. 5, the exponent ƒ(m, e, s̃, r) is truncated if there is a concern that the computation of ƒ(m, e, s̃, r) by processing unit 28 may yield a long and/or very different sequence when ƒ(m, e, s̃, r) does not equal its expected value. For example, ƒ(m, e, s̃, r) can be set as ƒ(m, e, s̃, r)=trunc((m+e−1−(s̃r^(e−1))^(e)) mod n), where trunc() is a truncation function that truncates the bit length to be no less than the bit length of e−1.

Additionally, if there is a concern that when ƒ(m, e, s̃, r) does not equal its expected value, r^(ƒ(m, e, s̃, r)) mod n may be distinguishable from the exponentiation mod n, or if there is a concern that an attacker may be able to directly set the outcome of the truncation function to e−1, the random number generator 36 can be configured to generate random blinding value r having the form r=t^(α) mod n, where t and α are random values. In this case, α is preferably small (e.g. 32 bits). It will be appreciated that other similar rearrangements employing a randomized exponent and/or base to produce r are possible. Additionally, in such rearrangements, it is possible to utilize the trunc() function. For example, trunc() may be appropriately resized and applied after incorporating α in ƒ(m, e, s̃, r), such that it results in α(e−1) when calculating the unblinding multiplier mod n, since α is not known to the attacker and may be changed for every signature. For example, ƒ(m, e, s̃, r) can be set as ƒ(m, e, s̃, r)=trunc((m+α(e−1)−(s̃r^(e−1))^(e)) mod n).

In the embodiment described in FIG. 5, the blinded signature s̃ is unblinded during the computation of ƒ(m, e, s̃, r) itself. This is because calculating the function ƒ(m, e, s̃, r)=(m+e−1−(s̃r^(e−1))^(e)) mod n includes the intermediate calculation s̃r^(e−1) mod n, which corresponds to unblinded value s. Therefore, an interloper may try and induce the processing unit 28 to output the intermediate value s̃r^(e−1) mod n=s during the calculation of ƒ(m, e, s̃, r). If the interloper is successful, the interloper may use this intermediate value in a gcd attack to try and determine secret information. Therefore, FIG. 6 discloses an alternative embodiment of the unblinding method of FIG. 5 in which blinded signature s̃ remains blinded during the computation of ƒ(m, e, s̃, r).

In step 502, cryptographic unit 18 uses the blinded signature s̃ as an input to a function ƒ(s̃) that will yield a predetermined or known value if s̃ is equal to its expected value. In this embodiment, the function is set as ƒ(s̃)=ƒ(m, e, s̃, r)=(mr^(e)+e−1−(s̃r^(e))^(e)) mod n, which will yield known value e−1 if s̃ is equal to its expected value, since (s̃r^(e))^(e)≡mr^(e) (mod n) if s̃=r^(1−e)m^(d) mod n. This function does not include a computation corresponding to the unblinded value of the signature s.

Next, in step 504, the arithmetic processing unit 28 of the cryptographic unit 18 unblinds blinded signature s̃ by multiplying s̃ by r^(ƒ(m, e, s̃, r)), where ƒ(m, e, s̃, r) is the function calculated above, which yields e−1 if s̃ equals its expected value of s̃=r^(1−e)m^(d) mod n. To achieve this, processing unit 28 performs modular arithmetic operations to calculate s=s̃r^(ƒ(m, e, s̃, r)) mod n. In step 506, the unblinded signature s is then sent to correspondent 14 along with message m.

Advantageously, in the embodiment shown in FIG. 6, there is no unblinding during the calculation of ƒ(m, e, s̃, r); rather, unblinding only occurs in step 504.

As discussed with reference to the embodiment of FIG. 5, a truncation function may be utilized in the calculation of ƒ(m, e, s̃, r) (e.g. ƒ(m, e, s̃, r)=trunc((mr^(e)+e−1−(s̃r^(e))^(e)) mod n)), and random blinding value r may have the form r=t^(α) mod n, where α is incorporated in ƒ(m, e, s̃, r) such that it results in α(e−1) when calculating the unblinding multiplier t^(ƒ(m, e, s̃, r)) mod n (e.g., ƒ(m, e, s̃, r)=trunc((mr^(e)+α(e−1)−(s̃r^(e))^(e)) mod n)).

Also, as discussed with reference to the embodiment of FIG. 5, by unblinding the signature s̃ as shown in step 504 above, any error injected into the computation of s̃_(p) or s̃_(q) by an interloper will cascade into the exponent ƒ(m, e, s̃, r) of the value r^(ƒ(m, e, s̃, r)) mod n used to unblind s̃. This will cause the unblinded signature s to be incorrect both modulo p and modulo q, which inhibits the effectiveness of a gcd attack.

In an alternative embodiment, it is contemplated that prior to step 504, the cryptographic unit 18 compares the output of ƒ(m, e, s̃, r) to e−1. If ƒ(m, e, s̃, r)=e−1 then the signature s̃ is validated and the unblinding process continues. However, if an error is injected into the calculation of s̃ by an interloper, then ƒ(m, e, s̃, r)≠e−1, and validation therefore fails and cryptographic unit 18 notifies correspondent 12 that the signature s̃ calculated is not equal to its expected value. However, as mentioned above, it may be the case that the interloper is able to prevent an explicit validation step. In such a case, the gcd attack on the signature is still inhibited as any error injected into the computation of s̃_(p) or s̃_(q) by an interloper will cascade into the exponent ƒ(m, e, s̃, r) of the value r^(ƒ(m, e, s̃, r)) mod n used to unblind s̃.
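The FIG. 4 signing flow (steps 302 to 314) and the FIG. 6 unblinding (steps 502 to 504) carried through in working code, as an added example that is not part of the patent or of any product: it uses constructed toy primes, Antipa blinding with σ=1, Garner's formula (1) with the blinding retained, and then compares what the gcd(s^(e)−m, n) check from the background section yields on a faulted plain RSA-CRT signature against a faulted signature unblinded by r^(ƒ). The key values, the message, and the `fault_q` parameter are constructed for illustration only.

```python
from math import gcd
import secrets

# Constructed toy RSA-CRT key (not from the patent); real keys are far larger.
P, Q = 1000003, 1000033              # secret primes p, q
N = P * Q                            # public modulus n = pq
E = 65537                            # public exponent e
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent d, ed = 1 (mod phi); Python 3.8+
D_P, D_Q = D % (P - 1), D % (Q - 1)  # d_p = d mod (p-1), d_q = d mod (q-1)
Q_INV = pow(Q, -1, P)                # q^-1 mod p


def garner(s_p, s_q):
    """Formula (1): s = s_q + [((s_p - s_q)(q^-1 mod p)) mod p] q  (mod n)."""
    return (s_q + (((s_p - s_q) * Q_INV) % P) * Q) % N


def blinded_components(m, r, fault_q=0):
    """Steps 304-310: Antipa blinding with sigma = 1 on each CRT half.

    (m_p r_p^e)^(d_p - 1) * m_p = r_p^(1-e) m_p^(d_p) mod p, because
    e(d_p - 1) = 1 - e (mod p-1); no inversion is needed.
    fault_q is a constructed error added to the mod-q half to model a fault.
    """
    m_p, m_q = m % P, m % Q                                  # step 304
    r_p, r_q = r % P, r % Q                                  # step 308
    st_p = pow(m_p * pow(r_p, E, P), D_P - 1, P) * m_p % P   # step 310
    st_q = pow(m_q * pow(r_q, E, Q), D_Q - 1, Q) * m_q % Q
    return st_p, (st_q + fault_q) % Q


def unblind_exponent(m, r, st):
    """Step 502: f(m, e, s~, r) = (m r^e + e - 1 - (s~ r^e)^e) mod n.

    Equals e - 1 exactly when s~ = r^(1-e) m^d mod n; the unblinded s never appears.
    """
    r_e = pow(r, E, N)
    return (m * r_e + E - 1 - pow(st * r_e % N, E, N)) % N


def sign(m, r=None, fault_q=0):
    """FIG. 4 with the FIG. 6 unblinding; returns (s, f) so both can be inspected."""
    if r is None:
        r = secrets.randbelow(N - 2) + 2        # step 306: random blinding parameter
    st_p, st_q = blinded_components(m, r, fault_q)
    st = garner(st_p, st_q)                      # step 312: blinding survives the CRT
    f = unblind_exponent(m, r, st)               # step 502
    return st * pow(r, f, N) % N, f              # step 504: s = s~ r^f mod n


def naive_crt_sign(m, fault_q=0):
    """Plain RSA-CRT without blinding, as in the background section, for comparison."""
    s_p = pow(m % P, D_P, P)
    s_q = (pow(m % Q, D_Q, Q) + fault_q) % Q
    return garner(s_p, s_q)


def gcd_check(s, m):
    """gcd(s^e - m, n): p or q means one CRT half survived the fault intact, 1 means neither did."""
    return gcd((pow(s, E, N) - m) % N, N)


if __name__ == "__main__":
    M = 0xDEADBEEF                               # constructed message, M < n
    s, f = sign(M)
    print("correct signature:", s == pow(M, D, N), " f == e-1:", f == E - 1)
    print("faulted plain CRT   -> gcd =", gcd_check(naive_crt_sign(M, fault_q=1), M))
    print("faulted blinded CRT -> gcd =", gcd_check(sign(M, fault_q=1)[0], M))
```

With a fault in the mod-q half, the plain CRT signature still factors n (the gcd returns p), while the blinded signature has its error cascaded into ƒ and the gcd returns 1.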

To further enhance protection against side channel attacks during RSA-CRT computations in the embodiments described above, it is possible to introduce randomness into the parameters used in the computations and thereby further conceal the secret values. This may be done in a number of ways. For example, the cryptographic unit 18 may use some or all of the secret values p, q, d_p, d_q, and q⁻¹ mod p in split form, i.e., composed of randomized pieces. For example, the secret values can be split as follows:

d_p = d_p1 + d_p2, d_q = d_q1 + d_q2,

p = p_plus − p_minus, q = q_plus − q_minus, and

(q⁻¹ mod p) = qInv_plus − qInv_minus,

where the split values d_p1, d_p2, d_q1, d_q2, p_plus, p_minus, q_plus, q_minus, qInv_plus, and qInv_minus are randomly generated and stored in memory 30 by correspondent 12.

In the embodiment above, the values d_p and d_q have been split via addition, and the values p, q, and q⁻¹ mod p have been split via subtraction. It will be appreciated that such a decomposition is arbitrary and that therefore other decompositions are possible. It will also be appreciated that the multiplicity of the splitting, i.e., the number of constituent components in each split, may be more than two. In any case, it is preferred that the splits are updated regularly, preferably after each signature, via the addition or subtraction of random components. For example, secret value d_p can be re-expressed as d_p = (d_p1 + δ) + (d_p2 − δ), where δ is a random number generated by random number generator 36 subsequent to each signature. Alternatively, a random value d_p1 may be generated by random number generator 36 subsequent to each signature, and then a corresponding value d_p2 chosen such that d_p = d_p1 + d_p2. The other split secret values can be refreshed in a similar manner.

Alternatively, some of the secret values may be split modularly (e.g.d_(p)=d_(p1)+d_(p2) mod(p−1)), but this may not be advantageous if thesecret modulus p−1 is needed in the combination or in further usage ofthe split components, since employing the secret modulus p−1 may leakinformation in a side channel. It is also contemplated that the splitvalues may be signed values.

The split exponents d_p and d_q can be further randomized by cryptographic unit 18 using randomly chosen multiples of p−1 and q−1, computed from the split values so that neither the exponent nor the prime is assembled along the way:

$$d_p' = \big((d_{p1} + \rho_p (p_{plus} - 1)) + d_{p2}\big) - \rho_p\, p_{minus} = d_p + \rho_p (p - 1), \text{ and}$$

$$d_q' = \big((d_{q1} + \rho_q (q_{plus} - 1)) + d_{q2}\big) - \rho_q\, q_{minus} = d_q + \rho_q (q - 1),$$

where the values ρ_p and ρ_q are generated by random number generator 36 and have sizes that balance security against side-channel attacks, extra time spent in the exponentiation, and available storage. For example, ρ_p and ρ_q can be 32, 64, or 128 bits each, or possibly more. Since d_p′ ≡ d_p (mod p−1) and d_q′ ≡ d_q (mod q−1), exponentiating with d_p′ and d_q′ yields the same results modulo p and modulo q as exponentiating with d_p and d_q. Additionally, in some embodiments, the order in which the split values are composed in the calculation is important. In these embodiments, it is desired to avoid producing the original secret value by combining the split terms at an intermediate step in the computation; the bracketing above is chosen so that neither d_p nor p appears as an intermediate value.

Regardless of how the secret values are split, these split values arethen used in place of the corresponding unsplit values in the CRTalgorithm (e.g., in place of the corresponding unsplit values in thecalculation of Garner's algorithm (1)).

In addition to splitting the secret values as described above, in yet a further alternative embodiment, the moduli p and q can be multiplicatively randomized in order to further strengthen the RSA-CRT computations against side-channel attacks. In such an embodiment, random number generator 36 generates random values α₁ and α₂, and then arithmetic processing unit 28 uses these values to randomize moduli p and q by calculating p* = α₁p and q* = α₂q. New values α₁ and α₂ are preferably generated for each signature. Operations mod p* and mod q* are then performed during the RSA-CRT computations in the embodiments described above instead of mod p and mod q.

It will be appreciated that in some embodiments that employ multiplicatively randomized moduli, odd moduli are required (for example, when the arithmetic processing unit 28 uses Montgomery multiplication), and therefore in such embodiments the random number generator 36 will generate odd random numbers α₁ and α₂ so that p* and q* remain odd. Furthermore, it will be appreciated that the length of random numbers α₁ and α₂ should be suitable for the arithmetic processing unit 28 and should be a balance between side-channel protection and the additional cost of using longer moduli. For example, α₁ and α₂ can be 32, 64, or 128 bits each, or possibly more.

If the splitting of secret values discussed above is also utilized, themultiplicatively randomized secret moduli can be generated bymultiplying each split value by the random value, for example:

$$p^* = \alpha_1 p_{plus} - \alpha_1 p_{minus} = \alpha_1 p, \text{ and}$$

$$q^* = \alpha_2 q_{plus} - \alpha_2 q_{minus} = \alpha_2 q,$$

assuming a splitting into two values.

Conveniently, when choosing α₁ and α₂, it is not necessary to consider the co-primality of α₁ and α₂, or to calculate their totients. This is due to the fact that a value v is congruent modulo p to v_p = v mod p even if it is first reduced modulo p*. An outline of the proof of this fact is as follows. Let v_p = v mod p = v − k₁p and v_p* = v mod p* = v − k₂p*, where k₁ and k₂ are integers, 0 ≤ v_p < p, and 0 ≤ v_p* < p*. Reducing v_p* modulo p yields v_p* mod p = v_p* − k₃p = v − k₂α₁p − k₃p = v − k₄p, where k₃ is an integer, k₄ = k₂α₁ + k₃, and 0 ≤ v_p* mod p < p. Hence, by the uniqueness of the remainder in the division algorithm, v_p* mod p = v_p. Therefore:

$$v_{p^*} \equiv v_p \pmod p, \quad \text{where } v_{p^*} = v \bmod p^* \text{ and } v_p = v \bmod p. \qquad (2)$$

Using (2), therefore:

$$s_{p^*} \equiv s_p \pmod p, \quad \text{where } s_{p^*} = m_{p^*}^{d_p} \bmod p^* \text{ and } s_p = m_p^{d_p} \bmod p; \text{ and}$$

$$s_{q^*} \equiv s_q \pmod q, \quad \text{where } s_{q^*} = m_{q^*}^{d_q} \bmod q^* \text{ and } s_q = m_q^{d_q} \bmod q.$$

In view of this, when utilizing multiplicatively randomized moduli, thesignature s is not calculated using Garner's algorithm (1), but isinstead calculated using a Garner-like form similar to (1), namely:

s=s _(q*)+[(s _(p*) −s _(q*))(q ⁻¹ mod p)mod p*]q(mod n).  (3)

Using formulas (2) and (3), it is straight-forward to show thats≡s_(p*)≡s_(p) (mod p) and s≡s_(q*)≡s_(q)(mod q). Since s is correctmodulo both p and q, then computing (3) is equivalent to computings=m^(d) mod n.

In view of the above, and turning to FIG. 7, an embodiment of a method of generating a signature s = m^d mod n using the RSA-CRT algorithm will now be described in which: (a) a blinded signature s̃ is generated using the CRT algorithm as in FIG. 4; (b) the blinded signature s̃ is unblinded using the method described in FIG. 6; (c) split versions of the secret values are utilized; and (d) randomized moduli p* and q* are utilized.

Correspondent 12 generates a message m, which it wishes to sign by creating a signature s and then subsequently send to correspondent 14. Therefore, in step 602, the correspondent 12 first instructs the cryptographic unit 18 to obtain the secret values p_plus, p_minus, q_plus, and q_minus, and load these values into arithmetic processing unit 28 along with message m. Next, in step 604, random number generator 36 generates random values α₁ and α₂. Then, in step 606, arithmetic processing unit 28 performs modular arithmetic operations to calculate the blinded moduli p* = α₁p_plus − α₁p_minus and q* = α₂q_plus − α₂q_minus. In step 608, processing unit 28 then calculates message components m_p* and m_q* with respect to the blinded moduli p* and q*, so that m_p* = m mod p* and m_q* = m mod q*.

The Antipa blinding scheme with parameter σ=1 is used to perform blinding. Therefore, in step 610, the random number generator 36 generates random blinding parameter r. In step 612, processing unit 28 then performs modular arithmetic operations on the bit string r to obtain blinding components r_p* and r_q*, where r_p* = r mod p* and r_q* = r mod q*. In step 614, the values e, d_p′, and d_q′ are next retrieved from memory 30 via bus 32, and processing unit 28 performs modular arithmetic operations to calculate the randomized blinded pre-signature components:

$$\tilde{s}_{p^*} = \Big( \big(r_{p^*}^{\,e}\, m_{p^*}\big)^{d_p' - 1}\, m_{p^*} \Big) \bmod p^*; \text{ and}$$

$$\tilde{s}_{q^*} = \Big( \big(r_{q^*}^{\,e}\, m_{q^*}\big)^{d_q' - 1}\, m_{q^*} \Big) \bmod q^*.$$

It will be appreciated that s̃_p* ≡ s̃_p (mod p) and s̃_q* ≡ s̃_q (mod q) due to (2). Moreover, since e·d_p′ ≡ e·d_p ≡ 1 (mod p−1), (r_p^e·m_p)^(d_p′−1)·m_p ≡ r_p^(1−e)·m_p^(d_p) (mod p), so s̃_p* is congruent modulo p to the Antipa-blinded component r_p^(1−e)·m_p^(d_p) mod p of the FIG. 5 embodiment, and similarly s̃_q* modulo q.

Next, in step 616, the blinded value s̃ = s̃_q* + [(s̃_p* − s̃_q*)(q⁻¹ mod p) mod p*]·q (mod n) is calculated by processing unit 28 using the split values, so that calculations involving p and q directly are avoided. Processing unit 28 therefore first performs modular arithmetic operations to calculate a = (s̃_p* − s̃_q*) mod p*, then b = (a·qInv_plus − a·qInv_minus) mod p*, and then s̃ = (b·q_plus + s̃_q* − b·q_minus) mod n. It will be noted that s̃ ≡ s̃_p (mod p), s̃ ≡ s̃_q (mod q), and therefore s̃ ≡ m^d·r^(1−e) (mod n). That is, the blinded signature value calculated in this embodiment is congruent to the blinded signature value calculated in the embodiment of FIG. 5, which does not employ multiplicatively randomized secret moduli.

In step 618, the blinded signature s̃ is then unblinded by cryptographic unit 18 as described earlier, for example as in the FIG. 6 embodiment. In step 620, correspondent 12 then sends the unblinded signature s to correspondent 14 along with message m.
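The procedure of steps 602 to 620, together with the split-secret and randomized-modulus constructions described earlier (d_p = d_p1 + d_p2, p = p_plus − p_minus, d_p′ = d_p + ρ_p(p−1), p* = α₁p_plus − α₁p_minus, and the Garner-like form (3)), carried through as one added Python example that is not part of the patent. The key is a toy key with fixed small primes, and the split sizes, the per-signature random values and the function names are assumptions of this example; the unsplit d_p, d_q, p, q and q⁻¹ mod p are computed only at setup (the patent's memory 30) and are never formed again during signing.

```python
import secrets

# Toy RSA key: fixed primes chosen for readability, not a secure key size
# (assumption of this example).  The split pieces below stand in for memory 30.
P, Q, E = 1000000007, 998244353, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
DP, DQ, QINV = D % (P - 1), D % (Q - 1), pow(Q, -1, P)


def split_add(x, bits=64):
    """Additive split x = x1 + x2 with a fresh random x1 (x2 may be negative)."""
    x1 = secrets.randbits(bits)
    return x1, x - x1


def split_sub(x, bits=64):
    """Subtractive split x = x_plus - x_minus with a fresh random x_minus."""
    x_minus = secrets.randbits(bits)
    return x + x_minus, x_minus


def rerandomize_add(x1, x2, bits=64):
    """Refresh an additive split after each signature: (x1 + delta) + (x2 - delta)."""
    delta = secrets.randbits(bits)
    return x1 + delta, x2 - delta


def randomized_exponent(d1, d2, p_plus, p_minus, rho):
    """d' = ((d1 + rho (p_plus - 1)) + d2) - rho p_minus = d + rho (p - 1).
    Evaluated in this order, neither d nor p is formed as an intermediate."""
    return ((d1 + rho * (p_plus - 1)) + d2) - rho * p_minus


def make_split():
    """Fresh split of d_p, d_q, p, q and q^-1 mod p (setup, before step 602)."""
    return (*split_add(DP), *split_add(DQ), *split_sub(P), *split_sub(Q), *split_sub(QINV))


def sign_fig7(m, r, split, alpha1, alpha2, rho_p, rho_q):
    """Steps 602-618: blinded RSA-CRT over split secrets and randomized moduli.
    r is the Antipa blinding value (sigma = 1); alpha1, alpha2 (odd) and rho_p,
    rho_q are the per-signature random values.  Returns (signature, exponent f)."""
    dp1, dp2, dq1, dq2, p_plus, p_minus, q_plus, q_minus, qi_plus, qi_minus = split
    # 606: p* = alpha1*p_plus - alpha1*p_minus = alpha1*p, and likewise q*
    p_star = alpha1 * p_plus - alpha1 * p_minus
    q_star = alpha2 * q_plus - alpha2 * q_minus
    # 608, 612: message and blinding components modulo the randomized moduli
    mp, mq, rp, rq = m % p_star, m % q_star, r % p_star, r % q_star
    # 614: d_p' = d_p + rho_p (p - 1), d_q' = d_q + rho_q (q - 1), then
    #      s~_p* = ((r_p*^e m_p*)^(d_p' - 1) m_p*) mod p*, and the same for q*
    dp_r = randomized_exponent(dp1, dp2, p_plus, p_minus, rho_p)
    dq_r = randomized_exponent(dq1, dq2, q_plus, q_minus, rho_q)
    sp = (pow(pow(rp, E, p_star) * mp, dp_r - 1, p_star) * mp) % p_star
    sq = (pow(pow(rq, E, q_star) * mq, dq_r - 1, q_star) * mq) % q_star
    # 616: Garner-like recombination (3) using the split q^-1 mod p and split q
    a = (sp - sq) % p_star
    b = (a * qi_plus - a * qi_minus) % p_star
    s_blind = (b * q_plus + sq - b * q_minus) % N
    # 618: unblind with f = (m r^e + e - 1 - (s~ r^e)^e) mod n, which equals
    #      e - 1 for a correct s~ and is a scrambled exponent otherwise
    r_e = pow(r, E, N)
    f = (m * r_e + E - 1 - pow(s_blind * r_e, E, N)) % N
    return (s_blind * pow(r, f, N)) % N, f


if __name__ == "__main__":
    m = 0x123456789ABCDEF                          # constructed message, m < n
    r = secrets.randbelow(N - 2) + 2               # blinding value, gcd(r, n) = 1 w.h.p.
    a1, a2 = secrets.randbits(64) | 1, secrets.randbits(64) | 1   # odd alphas
    s, f = sign_fig7(m, r, make_split(), a1, a2, secrets.randbits(64), secrets.randbits(64))
    print(s == pow(m, D, N), f == E - 1)           # True True
```

The signature agrees with m^d mod n for any choice of the split pieces and of α₁, α₂, ρ_p, ρ_q, and re-randomizing a split with rerandomize_add between signatures changes every intermediate value but not the output; the exponent check f == e − 1 is the same validation as in the FIG. 6 embodiment.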

In summary, as shown in the embodiments of FIGS. 5 and 6, maintainingthe blinding during the RSA-CRT algorithm to yield a blinded signaturevalue {tilde over (s)}, and then subsequently unblinding {tilde over(s)} using an unblinding operation that causes errors that are injectedinto the calculation of either s_(p) or s_(q) to be cascaded into theexponent used to remove the blinding inhibits the effectiveness of faultinjection attacks such as the gcd attack. In the FIG. 7 embodiment,split secret values and multiplicatively randomized secret moduli areadditionally used in the calculations to further enhance protectionagainst side-channel attacks since no computations are ever performedusing the secret values and/or secret moduli directly.

It will be appreciated that although the embodiment described in FIG. 7 uses both split secret values and multiplicatively randomized secret moduli to further enhance protection against side-channel attacks, in other embodiments only multiplicatively randomized moduli may be utilized (and not split secret values), and vice versa. In fact, as is clear from the embodiments described in FIGS. 5 and 6, neither is necessary to counter attacks such as the gcd attack, since this is achieved by retaining the blinding during the RSA-CRT algorithm to yield a blinded signature value s̃ and implementing an unblinding operation that causes errors injected into the calculation of either s_p or s_q to be cascaded into the exponent used to remove the blinding. However, although the use of split secret values and multiplicatively randomized secret moduli, as shown in FIG. 7, is not necessary to inhibit attacks such as the gcd attack, both techniques are useful in further enhancing protection against fault injection attacks that interrupt the computations of processing unit 28 and attempt to cause correspondent 12 to output information that may be used to derive secret values. They are also useful in enhancing protection against safe-error fault attacks, in which a fault is injected into one bit of a constant secret value per execution and the response of the device is observed to determine the value of the faulty bit based on whether the signature was rejected or was correct; with the secrets stored only in randomized split form, no constant secret bit is present to target.

Although the invention has been described with reference to certainspecific embodiments, various modifications thereof will be apparent tothose skilled in the art without departing from the spirit and scope ofthe invention as outlined in the claims appended hereto.

For example, in the above-described embodiments, it has been assumed that during the Antipa blinding, the Antipa parameter σ is equal to 1. As described in U.S. Pat. No. 7,177,423 to Antipa (“Antipa”), and as discussed earlier, the parameter σ may in fact be any small integer. It is therefore contemplated that in the above-described embodiments, σ does not have to be equal to 1. In the above-described embodiments, if σ ≠ 1, the unblinding techniques described above may be carried out in the same way, except for replacing e with eσ and m with m^σ mod n in the unblinding computations.

Additionally, in the above-described embodiments, the steps where randomvalues are generated and modular arithmetic operations are performedthereupon can be grouped and combined together to be computed before themessage to be signed is available in order to speed up the signingprocedure once the message arrives.

1. A method of computing an exponentiated message, the method beingperformed by a correspondent in a cryptographic system, thecorrespondent including a processing unit and a memory, the memoryhaving stored thereon a secret value p, a secret value q, and privatekey information; the method comprising the steps of: (a) thecorrespondent performing modular arithmetic operations in saidprocessing unit to generate a first message component and a secondmessage component, the first message component computed by operating ona message using a mod p operation, and the second message componentcomputed by operating on said message using a mod q operation; (b) theprocessing unit computing a first blinded exponentiated messagecomponent using said first message component, a value derived from ablinding parameter, and said private key information, and the processingunit computing a second blinded exponentiated message component usingsaid second message component, another value derived from said blindingparameter, and said private key information; (c) the processing unitcombining said first blinded exponentiated message component and saidsecond blinded exponentiated message component using a Chinese RemainderTheorem (CRT) algorithm to obtain a blinded exponentiated message; and(d) the processing unit combining an unblinding value with said blindedexponentiated message to obtain said exponentiated message.
 2. Themethod of claim 1 further comprising the processing unit computing saidunblinding value by: (i) applying said blinded exponentiated message asan input to a function to obtain an output value of the function, theoutput value being a predetermined value if the blinded exponentiatedmessage is equal to an expected value of the blinded exponentiatedmessage; and (ii) combining the output value of the function with saidblinding parameter to obtain said unblinding value, whereby saidunblinding value differs from an expected value of said unblinding valueif said output value of said function does not equal said predeterminedvalue, thereby countering a fault injection attack.
 3. The method of claim 2 wherein the cryptographic system is an RSA system having a private key d and a corresponding public key (n, e) wherein n=pq, gcd(e,φ)=1, and φ=(p−1)(q−1); and wherein said exponentiated message is of the form s=m^d mod n, said blinded exponentiated message is of the form s̃=r^(1−e)·m^d mod n, said unblinding value is of the form r^ƒ(s̃), and said predetermined value of said output value of said function is e−1, wherein m is said message, r is said blinding parameter, and ƒ(s̃) is said function.
 4. The method of claim 3 wherein said first message component is of the form m_p=m mod p, said second message component is of the form m_q=m mod q, said blinding parameter r is an Antipa blinding parameter r randomly generated by said correspondent, said first blinded exponentiated message component is of the form s̃_p=r_p^(1−e)·m_p^(d_p) mod p, and said second blinded exponentiated message component is of the form s̃_q=r_q^(1−e)·m_q^(d_q) mod q, wherein r_p=r mod p, r_q=r mod q, d_p=d mod(p−1), and d_q=d mod(q−1).
 5. The method ofclaim 4 wherein said secret value p is multiplicatively randomized usinga random value α₁ generated by said correspondent, wherein said secretvalue q is multiplicatively randomized using a random value α₂ generatedby said correspondent, and wherein said CRT algorithm includes the stepof computing said blinded exponentiated message as {tilde over(s)}={tilde over (s)}_(q*)+[({tilde over (s)}_(p*)−{tilde over(s)}_(q*))(q⁻¹ mod p)mod p*]q(mod n), wherein p* and q* represent themultiplicatively randomized values of said secret value p and saidsecret value q respectively.
 6. The method of claim 1 wherein said valuederived from said blinding parameter and said another value derived fromsaid blinding parameter are the same value.
 7. The method of claim 3wherein said function ƒ({tilde over (s)}) is of the form(mr^(e)+e−1−({tilde over (s)}r^(e))^(e))mod n.
 8. A computer-readable medium having stored thereon computer readable instructions for performing a method of computing an exponentiated message, the method to be performed by a correspondent in a cryptographic system, the correspondent including a processing unit and a memory, the memory having stored thereon a secret value p, a secret value q, and private key information; said computer readable instructions comprising instructions for: (a) the correspondent performing modular arithmetic operations in said processing unit to generate a first message component and a second message component, the first message component computed by operating on a message using a mod p operation, and the second message component computed by operating on said message using a mod q operation; (b) the processing unit computing a first blinded exponentiated message component using said first message component, a value derived from a blinding parameter, and said private key information, and the processing unit computing a second blinded exponentiated message component using said second message component, another value derived from said blinding parameter, and said private key information; (c) the processing unit combining said first blinded exponentiated message component and said second blinded exponentiated message component using a Chinese Remainder Theorem (CRT) algorithm to obtain a blinded exponentiated message; and (d) the processing unit combining an unblinding value with said blinded exponentiated message to obtain said exponentiated message.
 9. Thecomputer readable medium of claim 8 wherein said instructions furthercomprise instructions for the processing unit computing said unblindingvalue by: (i) applying said blinded exponentiated message as an input toa function to obtain an output value of the function, the output valuebeing a predetermined value if the blinded exponentiated message isequal to an expected value of the blinded exponentiated message; and(ii) combining the output value of the function with said blindingparameter to obtain said unblinding value, whereby said unblinding valuediffers from an expected value of said unblinding value if said outputvalue of said function does not equal said predetermined value, therebycountering a fault injection attack.
 10. The computer readable medium of claim 9 wherein the cryptographic system is an RSA system having a private key d and a corresponding public key (n, e) wherein n=pq, gcd(e,φ)=1, and φ=(p−1)(q−1); and wherein said exponentiated message is of the form s=m^d mod n, said blinded exponentiated message is of the form s̃=r^(1−e)·m^d mod n, said unblinding value is of the form r^ƒ(s̃), and said predetermined value of said output value of said function is e−1, wherein m is said message, r is said blinding parameter, and ƒ(s̃) is said function.
 11. The computer readable medium of claim 10 wherein said first message component is of the form m_p=m mod p, said second message component is of the form m_q=m mod q, said blinding parameter r is an Antipa blinding parameter r randomly generated by said correspondent, said first blinded exponentiated message component is of the form s̃_p=r_p^(1−e)·m_p^(d_p) mod p, and said second blinded exponentiated message component is of the form s̃_q=r_q^(1−e)·m_q^(d_q) mod q, wherein r_p=r mod p, r_q=r mod q, d_p=d mod(p−1), and d_q=d mod(q−1).
 12. The computer readable medium of claim 11 wherein said instructions further comprise instructions for multiplicatively randomizing said secret value p using a random value α₁ generated by said correspondent, and multiplicatively randomizing said secret value q using a random value α₂ generated by said correspondent; and wherein said CRT algorithm includes the step of computing said blinded exponentiated message as s̃=s̃_q*+[(s̃_p*−s̃_q*)(q⁻¹ mod p) mod p*]·q (mod n), wherein p* and q* represent the multiplicatively randomized values of said secret value p and said secret value q respectively.
 13. The computer readable medium of claim 10 wherein said function ƒ(s̃) is of the form (m·r^e+e−1−(s̃·r^e)^e) mod n.
 14. The computer readable medium of claim 8 wherein said value derived from said blinding parameter and said another value derived from said blinding parameter are the same value.
 15. A device in a cryptographicsystem, the device being configured to perform a method of computing anexponentiated message; the device including a processing unit and amemory, the memory having stored thereon a secret value p, a secretvalue q, and private key information; the device being configured forperforming the steps of: (a) performing modular arithmetic operations insaid processing unit to generate a first message component and a secondmessage component, the first message component computed by operating ona message using a mod p operation, and the second message componentcomputed by operating on said message using a mod q operation; (b) theprocessing unit computing a first blinded exponentiated messagecomponent using said first message component, a value derived from ablinding parameter, and said private key information, and the processingunit computing a second blinded exponentiated message component usingsaid second message component, another value derived from said blindingparameter, and said private key information; (c) the processing unitcombining said first blinded exponentiated message component and saidsecond blinded exponentiated message component using a Chinese RemainderTheorem (CRT) algorithm to obtain a blinded exponentiated message; and(d) the processing unit combining an unblinding value with said blindedexponentiated message to obtain said exponentiated message.
 16. Thedevice of claim 15 wherein the device is further configured forperforming the step of the processing unit computing said unblindingvalue by: (i) applying said blinded exponentiated message as an input toa function to obtain an output value of the function, the output valuebeing a predetermined value if the blinded exponentiated message isequal to an expected value of the blinded exponentiated message; and(ii) combining the output value of the function with said blindingparameter to obtain said unblinding value, whereby said unblinding valuediffers from an expected value of said unblinding value if said outputvalue of said function does not equal said predetermined value, therebycountering a fault injection attack.
 17. The device of claim 16 wherein the cryptographic system is an RSA system having a private key d and a corresponding public key (n, e) wherein n=pq, gcd(e,φ)=1, and φ=(p−1)(q−1); and wherein said exponentiated message is of the form s=m^d mod n, said blinded exponentiated message is of the form s̃=r^(1−e)·m^d mod n, said unblinding value is of the form r^ƒ(s̃), and said predetermined value of said output value of said function is e−1, wherein m is said message, r is said blinding parameter, and ƒ(s̃) is said function.
 18. The device of claim 17 wherein said first message component is of the form m_p=m mod p, said second message component is of the form m_q=m mod q, said blinding parameter r is an Antipa blinding parameter r randomly generated by a random number generator, said first blinded exponentiated message component is of the form s̃_p=r_p^(1−e)·m_p^(d_p) mod p, and said second blinded exponentiated message component is of the form s̃_q=r_q^(1−e)·m_q^(d_q) mod q, wherein r_p=r mod p, r_q=r mod q, d_p=d mod(p−1), and d_q=d mod(q−1).
 19. The device of claim 18 wherein said device is further configured for multiplicatively randomizing said secret value p using a random value α₁ generated by said random number generator, and multiplicatively randomizing said secret value q using a random value α₂ generated by said random number generator; and wherein said CRT algorithm includes the step of computing said blinded exponentiated message as s̃=s̃_q*+[(s̃_p*−s̃_q*)(q⁻¹ mod p) mod p*]·q (mod n), wherein p* and q* represent the multiplicatively randomized values of said secret value p and said secret value q respectively.
 20. The device of claim 17 wherein said function ƒ(s̃) is of the form (m·r^e+e−1−(s̃·r^e)^e) mod n.
 21. The device of claim 15 wherein said valuederived from said blinding parameter and said another value derived fromsaid blinding parameter are the same value.